Lucene search
K

741 matches found

CNNVD
CNNVD
added 2022/10/04 12:0 a.m.8 views

Horner Automation Cscape 缓冲区错误漏洞

Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape 9.90 SP 7 and prior versions, which arises from failure to properly validate user-supplied data. If a user...

7.8CVSS8.1AI score0.00237EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/10/04 12:0 a.m.15 views

Horner Automation Cscape 缓冲区错误漏洞

Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape 9.90 SP 7 and prior versions, which arises from failure to properly validate user-supplied data, and allows...

7.8CVSS8.1AI score0.00231EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/10/04 12:0 a.m.6 views

Horner Automation Cscape 缓冲区错误漏洞

Horner Automation Cscape is a suite of programming software for industrial control system development from Horner Automation. A buffer error vulnerability exists in Horner Automation Cscape 9.90 SP 6 and prior versions, which arises from failure to properly validate user-supplied data. If a user...

7.8CVSS8.1AI score0.00237EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/08/26 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-324-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.04304EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/07/21 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-5528-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.1AI score0.03243EPSS
Exploits2References2
Snyk
Snyk
added 2022/05/04 11:34 a.m.4 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the TTFRenderTextSolid. This vulnerability is triggered by a crafted TTF file. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Commit - GitHub Issue...

7.8CVSS6.8AI score0.00946EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/05/04 3:15 a.m.2 views

CVE-2022-27470

SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...

7.8CVSS6AI score0.00946EPSS
Exploits1References9
OSV
OSV
added 2022/05/04 3:15 a.m.0 views

DEBIAN-CVE-2022-27470

SDLttf v2.0.18 and below was discovered to contain an arbitrary memory write via the function TTFRenderTextSolid. This vulnerability is triggered via a crafted TTF file...

7.8CVSS7.5AI score0.00946EPSS
Exploits1References1
OSV
OSV
added 2022/03/18 6:15 p.m.2 views

CVE-2022-24092

Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...

7.8CVSS7.6AI score0.04216EPSS
Exploits0References1
NVD
NVD
added 2022/03/18 6:15 p.m.17 views

CVE-2022-24092

Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...

9.3CVSS0.04216EPSS
Exploits0References1
OSV
OSV
added 2022/03/18 6:15 p.m.3 views

CVE-2022-24091

Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...

7.8CVSS7.6AI score
Exploits0References1
NVD
NVD
added 2022/03/18 6:15 p.m.14 views

CVE-2022-24091

Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...

9.3CVSS0.03844EPSS
Exploits0References1
NVD
NVD
added 2022/03/18 6:15 p.m.21 views

CVE-2021-30771

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution...

7.8CVSS0.01261EPSS
Exploits0References4
Prion
Prion
added 2022/03/18 6:15 p.m.19 views

Input validation

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution...

6.8CVSS7.7AI score0.01261EPSS
Exploits0References4Affected Software5
Prion
Prion
added 2022/03/18 6:15 p.m.20 views

Cross site scripting

Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...

9.3CVSS7.8AI score0.03844EPSS
Exploits0References1Affected Software4
Cvelist
Cvelist
added 2022/03/18 5:59 p.m.22 views

CVE-2021-30771

An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution...

8AI score0.01261EPSS
Exploits0References4
CVE
CVE
added 2022/03/18 5:59 p.m.82 views

CVE-2021-30771

The CVE-2021-30771 entry affects Apple’s FontParser component (macOS Big Sur 11.4, iOS 14.6/iPadOS 14.6, watchOS 7.5, tvOS 14.6). It is caused by an out-of-bounds write when processing a maliciously crafted font file, with the impact described as arbitrary code execution. Apple’s advisory indicat...

7.8CVSS7.8AI score0.01261EPSS
Exploits0References4Affected Software5
Cvelist
Cvelist
added 2022/03/18 5:59 p.m.26 views

CVE-2022-24092 Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in...

7.8CVSS8AI score0.04216EPSS
Exploits0References1
Veracode
Veracode
added 2022/02/27 11:4 a.m.15 views

Denial Of Service (DoS)

pcf2bdf is vulnerable to denial of service. The vulnerability exists because, a segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file...

5.5CVSS5.2AI score0.00661EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/02/17 2:15 p.m.7 views

DEBIAN-CVE-2022-23319

A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...

5.5CVSS6.8AI score0.00661EPSS
Exploits1References1
Rows per page
Query Builder